package com.hqyj.springCloudRegister.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * @author yun
 * @date 2021-5-11 17:07
 */
@Configuration //配置spring容器
@EnableWebSecurity//1: 加载了WebSecurityConfig配置类, 配置安全认证策略。2: 加载了AuthenticationConfiguration, 配置了认证信息。
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Basic 认证是一种较为简单的 HTTP 认证方式，客户端通过明文（Base64编码格式）传输用户名和密码到服务端进行认证
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);
        http.csrf().disable();
        http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
    }
}
